1. OpenClaw Security Flaw: Sub-agents Bypass Exec Approvals, Enabling Unauthorized Command Execution & File Writes
A critical security vulnerability has been identified in OpenClaw (version 2026.2.3-1). Sub-agents created via the `sessions_spawn` function can completely bypass the configured execution approval mechanism. This flaw allows these sub-agents to execute arbitrary commands, including file write operations, without trigge...